dd74a8051050a54dd410a0b4eb8c24ca1c409b43a3f1b007d064e14353849b0b | Triage

Sharing

General

Target

dd74a8051050a54dd410a0b4eb8c24ca1c409b43a3f1b007d064e14353849b0b
Size

315KB
Sample

221020-gcar6agahl
MD5

80736a9e70a2434080b9a48a66649410
SHA1

4c9bf4702987568f50ff7da8fa82f7b24761ff96
SHA256

dd74a8051050a54dd410a0b4eb8c24ca1c409b43a3f1b007d064e14353849b0b
SHA512

de9b63ae72219736dc0aca91d094bc21951d3206b7f0400748fc3a8938b3833fa22fdec795f8d203aa030194fb3b63761a1bbce2fe98c49b0c6033c961e7c1ab
SSDEEP

6144:YreyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x9E:YrzVm/kkuveY3MGWzlx7DMS7dG9E

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  dd74a8051050a54dd410a0b4eb8c24ca1c409b43a3f1b007d064e14353849b0b
- Size
  
  315KB
- MD5
  
  80736a9e70a2434080b9a48a66649410
- SHA1
  
  4c9bf4702987568f50ff7da8fa82f7b24761ff96
- SHA256
  
  dd74a8051050a54dd410a0b4eb8c24ca1c409b43a3f1b007d064e14353849b0b
- SHA512
  
  de9b63ae72219736dc0aca91d094bc21951d3206b7f0400748fc3a8938b3833fa22fdec795f8d203aa030194fb3b63761a1bbce2fe98c49b0c6033c961e7c1ab
- SSDEEP
  
  6144:YreyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x9E:YrzVm/kkuveY3MGWzlx7DMS7dG9E
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2